CN111770112A - Information sharing method, device and equipment - Google Patents

Information sharing method, device and equipment Download PDF

Info

Publication number
CN111770112A
CN111770112A CN202010898593.3A CN202010898593A CN111770112A CN 111770112 A CN111770112 A CN 111770112A CN 202010898593 A CN202010898593 A CN 202010898593A CN 111770112 A CN111770112 A CN 111770112A
Authority
CN
China
Prior art keywords
transaction
user
information
intelligent contract
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010898593.3A
Other languages
Chinese (zh)
Other versions
CN111770112B (en
Inventor
陈远
杨仁慧
杨文玉
王辛民
郭倩婷
钱锋
李书博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202010898593.3A priority Critical patent/CN111770112B/en
Publication of CN111770112A publication Critical patent/CN111770112A/en
Application granted granted Critical
Publication of CN111770112B publication Critical patent/CN111770112B/en
Priority to US17/364,612 priority patent/US11310244B2/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/133Protocols for remote procedure calls [RPC]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Bioethics (AREA)
  • Finance (AREA)
  • Accounting & Taxation (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the specification discloses an information sharing method, device and equipment. The scheme can comprise the following steps: generating accumulated calling information aiming at a target intelligent contract by a privacy calculation unit according to the acquired transaction information of the transaction initiated by a first mechanism and a second mechanism and used for calling the target intelligent contract; after the accumulated calling information meets the execution condition aiming at the target intelligent contract, executing a contract code corresponding to the target intelligent contract so as to verify the user basic data sent by the first mechanism and obtain a user verification result requested to be obtained by the second mechanism; so that the second institution can acquire the user authentication result.

Description

Information sharing method, device and equipment
Technical Field
The present application relates to the field of internet technologies, and in particular, to an information sharing method, apparatus, and device.
Background
Data sharing is often a requirement for organizations to process services, and there is a requirement for obtaining information from other organizations because a single organization often cannot obtain enough information and cannot process services. Since information at various organizations is a resource, the liquidity and the accessibility of the information are the basis of the development of many data applications and industries, but how to protect the privacy and the credibility of the information in the information exchange and sharing process is a great challenge of the industry development.
Based on the above, how to provide a secure and credible information sharing method becomes a problem which needs to be solved urgently.
Disclosure of Invention
The embodiment of the specification provides an information sharing method, an information sharing device and information sharing equipment, so that the safety and the reliability of data in an information sharing process are improved.
In order to solve the above technical problem, the embodiments of the present specification are implemented as follows:
an information sharing method provided by an embodiment of the present specification is applied to a privacy computing unit, and includes:
obtaining a target transaction, wherein the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction comprises second user identification information of a second user;
updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain first updated cumulative calling information;
judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result;
if the first judgment result shows that the first updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain a user verification result; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and sending the user authentication result to the second institution.
An information sharing device provided in an embodiment of the present specification is applied to a privacy calculation unit, and includes:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring a target transaction, and the target transaction is a first transaction initiated by a first mechanism and used for invoking a target intelligent contract or a second transaction initiated by a second mechanism and used for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction comprises second user identification information of a second user;
the first updating module is used for updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain the first updated cumulative calling information;
the first judgment module is used for judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result;
the first execution module is used for executing the contract code corresponding to the target intelligent contract to obtain a user verification result if the first judgment result shows that the first updated accumulated calling information meets the execution condition; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and the first sending module is used for sending the user verification result to the second mechanism.
An information sharing device provided in an embodiment of the present specification includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
obtaining a target transaction, wherein the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction comprises second user identification information of a second user;
updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain first updated cumulative calling information;
judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result;
if the first judgment result shows that the first updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain a user verification result; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and sending the user authentication result to the second institution.
At least one embodiment provided in the present specification can achieve the following advantageous effects:
generating accumulated calling information aiming at a target intelligent contract by a privacy calculation unit according to the acquired transaction information of the transaction initiated by a first mechanism and a second mechanism and used for calling the target intelligent contract; after the accumulated calling information meets the execution condition aiming at the target intelligent contract, executing a contract code corresponding to the target intelligent contract so as to verify the user basic data sent by the first mechanism and obtain a user verification result of the user requested to be generated by the second mechanism; therefore, the second mechanism can acquire the user verification result without acquiring the user basic data from the first mechanism. And the verification result of the user generated by the privacy computing unit is obtained by verifying the user basic data sent by the first mechanism by using the target intelligent contract, so that the credibility of the user verification result can be ensured. Meanwhile, the user basic data sent to the privacy computing unit by the first mechanism are encrypted, so that the user basic data leakage caused in the data transmission process can be avoided, and the privacy of the user basic data is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.
Fig. 1 is a schematic view of an application scenario of an information sharing method provided in an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of an information sharing method provided in an embodiment of the present disclosure;
FIG. 3 is a schematic flow chart illustrating a method for verifying an identity of a financial institution by a privacy computing unit according to an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of an information sharing device corresponding to fig. 2 provided in an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of an information sharing device corresponding to fig. 2 provided in an embodiment of this specification.
Detailed Description
To make the objects, technical solutions and advantages of one or more embodiments of the present disclosure more apparent, the technical solutions of one or more embodiments of the present disclosure will be described in detail and completely with reference to the specific embodiments of the present disclosure and the accompanying drawings. It is to be understood that the embodiments described are only a few embodiments of the present specification, and not all embodiments. All other embodiments that can be derived by a person skilled in the art from the embodiments given herein without making any creative effort fall within the scope of protection of one or more embodiments of the present specification.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
In the prior art, data sharing is often the requirement of an organization to process business. However, a single organization often cannot acquire enough information to process the service, so that a need exists for acquiring information from other organizations. However, how to protect the privacy and credibility of information in the information exchange and sharing process is becoming an urgent problem to be solved.
For ease of understanding, the anti-money laundering scenario is illustrated as an example.
Anti-Money Laundering (AML) refers to a measure for preventing Money Laundering activities of such crimes as drug disguising, drug concealing, black-social organization crimes, terrorist activity crimes, smuggling crimes, bribery crimes, and financial management crimes, and the source and nature of their revenues. Common money laundering approaches are widely related to the fields of banks, insurance, securities, real estate, and the like.
Since most anti-money laundering works have a need for customer identification, customer identification systems are also in force. The Customer identification system, also known as "Know Your Customer" (KYC), refers to obtaining the relevant identification information of the Customer, including knowing the Customer's identity, knowing the purpose of the transaction, knowing the source and destination of the fund, knowing the daily business activities and financial transaction conditions of the Customer, etc. when establishing business relationship with the Customer, the Customer identification system is the basis of anti-money laundering.
Currently, there is a cooperative relationship between some financial institutions and a proxy mechanism, and a financial institution may sell financial products of the financial institution through the proxy mechanism, for example, a network platform may proxy financial products provided by a fund company. In this case, the customer who purchases the financial product is often directly the customer of the affiliate. According to regulatory requirements, selling financial products requires having a KYC verification result for the customer. As described above, the customer purchasing a financial product is directly a customer of an affiliate, which is generally able to directly obtain basic information of the customer, thereby having KYC capabilities. And according to the requirement of data privacy protection, the agency generally cannot directly transfer the basic data of the KYC and the KYC verification result to the financial institution providing the financial products. And the financial institution does not have the basic data of the user who purchases the financial products at the affiliate institution, so that independent KYC verification cannot be performed, the financial institution cannot acquire the KYC verification result of the user, and the supervision requirement cannot be met. Therefore, the requirement for sharing the information such as the user basic data, the user verification result and the like is generated.
A Smart contract (Smart contract) is a computer protocol intended to propagate, verify or execute contracts in an informational manner. The intelligent contracts can be deployed at nodes on the blockchain or can be deployed in equipment outside the blockchain, so that different requirements of users can be met. Because the intelligent contracts can be accurately executed and the risk of human intervention can be reduced, people gradually begin to share information based on the intelligent contract technology.
Currently, intelligent contracts in the related art are invoked by default by a contract invoker. However, in practical applications, there may be a need for executing the intelligent contract only if multiple parties call the same intelligent contract together. For example, when the financial institution and the affiliate both initiate calls for the same intelligent contract and respectively provide access data meeting certain conditions, such as identification information of a user to obtain an authentication result, user basic data and the like, the intelligent contract can be triggered to be executed to generate a trusted user authentication result, so that a party without the user basic data can obtain the user authentication result from the privacy calculation unit.
Based on this, the embodiments of the present specification aim to provide a scheme that satisfies the above-mentioned requirement for multiple parties to invoke the same intelligent contract for information sharing.
In order to solve the defects in the prior art, the scheme provides the following embodiments:
fig. 1 is a schematic view of an application scenario of an information sharing method provided in an embodiment of the present specification. As shown in fig. 1, a first organization may be directly connected to a second organization, while both the first organization and the second organization are connected to a privacy computing platform. The first organization, the second organization, and the privacy computing platform may also all be connected to a blockchain platform.
The first mechanism can directly receive basic data submitted by users, and accordingly certain processing work is completed based on the basic data of the users, such as KYC verification mentioned in a KYC scene. Additionally, the first mechanism may be further operable to provide the base data submitted by the user to the privacy computing platform by initiating a first transaction invoking a target smart contract deployed at the privacy computing platform, such that a predetermined rule may be executed in the trusted secure computing environment by the privacy computing platform to accomplish a task such as a KYC check.
The second mechanism can obtain the user identification information from the first mechanism, and submit the user identification information corresponding to the user authentication result required to be obtained by the second mechanism to the privacy computing platform by initiating a second transaction for calling the target intelligent contract deployed at the privacy computing platform, so that the privacy computing platform can generate the accumulated calling information aiming at the target intelligent contract according to the transaction information for obtaining the first transaction and the second transaction, and if the accumulated calling information meets the execution condition aiming at the target intelligent contract, the target intelligent contract is executed to generate the user authentication result required to be obtained by the second mechanism.
Therefore, the scheme can meet the requirement that multiple parties call the same intelligent contract together to execute the intelligent contract. And the second institution can acquire the verification result of the user, such as KYC, from the privacy computing platform without acquiring basic data submitted by the user from the first institution, so that the second institution can meet the supervision requirement on the KYC of the user.
Next, an information sharing method provided for an embodiment of the specification will be specifically described with reference to the accompanying drawings.
Fig. 2 is a schematic flowchart of an information sharing method provided in an embodiment of the present disclosure. From a procedural perspective, the execution subject of the flow may be a private computing unit deployed with a target intelligent contract. The privacy computation unit may be deployed on the blockchain or outside the blockchain, that is, the target intelligent contract may be an on-chain intelligent contract or an off-chain intelligent contract.
For ease of understanding, an implementation of deploying, invoking, and deploying a target intelligent contract in a private computing unit is explained.
In the embodiments of the present specification, blockchain technology supports users to create and invoke some complex logic in blockchain networks starting from etherhouses, which is one of the greatest advances in etherhouses over bitcoin technology. The core of the ethernet plant as a programmable blockchain is the ethernet plant virtual machine (EVM), each ethernet plant node can run the EVM. The EVM is a well-behaved virtual machine, which means that a variety of complex logic can be implemented through it. The user deploying and invoking the smart contracts in the etherhouse may be performed by the EVM. In fact, what the virtual machine directly runs is virtual machine code (virtual machine bytecode, hereinafter referred to as "bytecode"). The intelligent contract is divided into two phases of deployment and invocation.
During the deployment phase, the user may send a transaction to the ethernet network that includes creating the target smart contract, the data field of the transaction may include the code (e.g., bytecode) of the target smart contract, and the to field of the transaction is empty. After the diffusion and consensus of the transaction, each block chain node in the ethernet network can execute the transaction through the EVM and generate a corresponding contract instance, thereby completing the deployment of the target intelligent contract. In this case, the blockchain may have a contract account corresponding to the target intelligent contract, the contract account having a specific contract address. Contract code (i.e., code of the deployed target intelligent contract) or a hash value of the contract code may be stored in the contract account, the contract code being used to control the behavior of the corresponding target intelligent contract.
In the calling phase, a user (which may be the same as or different from the user who deployed the target intelligent contract) sends a transaction for calling the target intelligent contract to the Ethernet network, wherein the from field of the transaction is the address of the blockchain account corresponding to the user, the to field is the contract address of the target intelligent contract required to be called, and the data field contains the method and parameters for calling the target intelligent contract. After the agreement is achieved among the nodes through a consensus mechanism, the target intelligent contract called by the transaction statement is independently executed on each node of the Ethernet network in a specified mode, and all execution records and data are stored in the block chain, so that the block chain stores the transaction certificate which cannot be tampered and cannot be lost after the transaction is completed. With the development of blockchain technology, many other types of virtual machines, such as the wasm (webassembly) virtual machine, have been produced in addition to the EVM.
Each blockchain node may perform the creation and invocation of intelligent contracts through a virtual machine. The transaction containing the target intelligent contract and the execution result of the transaction are stored on the blockchain ledger, or the way that each full-volume node in the blockchain stores all ledgers is a challenge for privacy protection. Privacy protection can be achieved by a variety of techniques, such as cryptography (e.g., Homomorphic encryption, or Zero-knowledge proof of knowledge), hardware privacy techniques, and network isolation techniques. The hardware privacy protection technology typically includes a Trusted Execution Environment (TEE).
For example, each blockchain link point may implement a secure execution environment for blockchain transactions through the TEE. The TEE is a trusted execution environment that is based on a secure extension of the CPU hardware and is completely isolated from the outside. The industry is concerned with TEE solutions, and almost all mainstream chip and Software consortiums have their own TEE solutions, such as TPM (trusted Platform Module) in Software, Intel SGX (Software guard extensions) in hardware, ARM Trustzone, and AMD PSP (Platform security processor). The TEE can function as a hardware black box, and codes and data executed in the TEE cannot be peeped even in an operating system layer, and can be operated only through an interface predefined in the codes. In terms of efficiency, due to the black box nature of the TEE, plaintext data is operated on in the TEE, rather than the complex cryptographic operations in homomorphic encryption, and little loss in computational process efficiency occurs. Therefore, by deploying the TEE environment at the block chain link point, the privacy requirements in the block chain scenario can be met to a great extent on the premise that the performance loss is relatively small.
The Intel SGX (hereinafter referred to as SGX) technology is taken as an example. The blockchain node may create enclave (enclosure or enclave) based on SGX technology as a TEE for performing blockchain transactions. The block link point may allocate a partial area EPC (enclosure Page Cache, Enclave Page Cache, or Enclave Page Cache) in the memory by using a newly added processor instruction in the CPU, so as to reside the above-mentioned enclosure. The memory area corresponding to the EPC is encrypted by a memory Encryption engine mee (memory Encryption engine) inside the CPU, the contents (code and data in the enclave) in the memory area can be decrypted only in the CPU core, and a key for Encryption and decryption is generated and stored in the CPU only when the EPC is started. It can be seen that the security boundary of enclave only includes itself and CPU, and no matter privileged or non-privileged software can not access enclave, even an operating system administrator and VMM (Virtual Machine Monitor, or Hypervisor) can not affect the code and data in enclave, so that the enclave has extremely high security. And the data entering and exiting the TEE can be encrypted, so that the privacy of the data is guaranteed.
In the embodiments of the present specification, the privacy computation unit deployed on the blockchain may be, for example, a trusted execution environment TEE created by a blockchain node based on SGX technology for trusted and private execution of a transaction invoking a target smart contract deployed in the TEE. Specifically, a virtual machine may be run in the TEE, so that the target intelligent contract is deployed and executed by the virtual machine. In this way, for the encrypted transaction of the calling target intelligent contract at the privacy computing unit in the incoming blockchain node, the encrypted transaction can be executed in the virtual machine loaded in the privacy computing unit after being decrypted by the privacy computing unit, and the execution result can be output in an encrypted manner. The SGX itself may be certified as a legitimate SGX by remote certification techniques and wherein the program being executed (e.g., virtual machine code) is consistent with expectations.
Since each blockchain node performs creation and invocation of the target intelligent contract deployed at the private computing unit through the virtual machine, relatively many resources are consumed. In addition to executing the target intelligent contract through the privacy computing unit deployed on the blockchain to protect the privacy and the credibility of data in the information sharing process, the privacy computing node (i.e. the private computing node under the chain) may be deployed outside the blockchain network (or referred to as "under the chain"), and the target intelligent contract is deployed at the private computing unit under the chain, so that the computing operation that otherwise needs to be executed on all the blockchain nodes is transferred to the private computing node under the chain for execution.
The down-link TEE created on the down-link privacy computing node, similar to the above-mentioned on-link TEE created on the blockchain node, may be a trusted execution environment that is completely isolated from the outside and implemented based on CPU hardware. After the private calculation node under the chain creates the TEE under the chain, the deployment operation of the target intelligent contract under the chain and the operation of calling the contract after the deployment can be realized through the TEE under the chain, and the data security in the operation process is ensured.
The private computing node may prove to the user that it is authentic before being used. The process of certifying itself as authentic may involve remote certification reporting. The process of proving self trustworthiness by private computing nodes on and under the chain is similar. Taking the downlink example, the remote attestation report results from a remote attestation process for a downlink TEE on a downlink private compute node. The remote attestation report may be generated by an authoritative authentication server verifying referral information generated by the down-link private computing node, the referral information relating to a down-link TEE created on the down-link private computing node. The chain lower privacy computing node generates a remote certification report by generating self-referral information related to chain lower TEE and verifying the self-referral information by the authority authentication server, so that the remote certification report can be used for indicating that the chain lower TEE on the chain lower privacy computing node is trustable. After obtaining the remote attestation report, the challenger may verify the signature of the remote attestation report according to the public key of the authoritative certification server, and if the verification is passed, the challenger may confirm that the down-link privacy computing node is authentic.
The down-chain privacy computation unit may store a pair of public and private keys in the TEE. The public key may be sent to the other party in a remote attestation process or the like, while the private key is kept in the TEE. Thus, a contract-deploying party (e.g. the party that needs to obtain the user verification result, i.e. the second organization) may send a transaction for deploying the down-chain target intelligent contract to the privacy computation unit in case it is determined from the remote attestation report that the down-chain privacy computation node is authentic; the transaction information of the transaction may include: contract code (e.g., bytecode) of the target intelligent contract, description information of the target intelligent contract, an execution engine (e.g., a virtual machine in the TEE) of the target intelligent contract, and so on. The down-link privacy computation unit may store and deploy the target intelligent contract and compute a hash value of the target intelligent contract after receiving the transaction. The hash value of the target intelligent contract can be fed back to a contract deployer, and the contract deployer can locally generate a hash value for the deployed target intelligent contract, so that the contract deployer can compare whether the hash value of the deployed target intelligent contract is the same as the locally generated hash value, and if the hash value of the deployed target intelligent contract is the same, the target intelligent contract deployed at the privacy computation node under the chain is the contract deployed by the contract deployer.
In practice, a plurality of intelligent contracts may be deployed within a TEE, and the TEE may generate a separate public-private key pair for each intelligent contract, such that each deployed intelligent contract may have an ID (e.g., a public key corresponding to the intelligent contract or a string generated based on the public key), and the results of the execution of each intelligent contract may also be signed with the private key that the intelligent contract corresponds to as properly kept at the TEE, such that a result may be certified as being the result of the execution of a particular contract in a private compute node down the chain. In this way, the execution results of different contracts can be signed by different private keys, and only the corresponding public key can verify the signature, or the result cannot be proved to be the execution result of the corresponding contract if the signature cannot be verified by the corresponding public key, so that the contract deployed in the down-chain private computing node is endowed with the identity through the public and private key pair. The example of the privacy contract under the chain is described above, and the privacy contract on the chain is also similar and can also have an identity, that is, a public and private key pair.
Subsequently, the down-link privacy computing node may provide a call to the down-link target intelligent contract for deployment. Specifically, the user may send a transaction for invoking the target intelligent contract under the chain to the privacy computing node under the chain, the from field of the transaction may be user identification information corresponding to the user, the to field is a hash value of the target intelligent contract under the chain to be invoked, and the data field includes a method and parameters for invoking the target intelligent contract under the chain. The byte codes of the target intelligent contract under the chain can be loaded and executed in the TEE environment in the privacy calculation unit under the chain, and the execution result can be fed back to the caller of the contract, or fed back to the receiver appointed in the contract or the receiver appointed in the transaction for calling the contract, or fed back to the block chain node through a prediction machine mechanism. Feedback to the blockchain node through the prediction mechanism may further be fed back to a receiver specified in the linked contract or a receiver specified in a transaction invoking the linked contract via the setting of the linked contract. This is not particularly limited.
As shown in fig. 2, the process may include the following steps:
step 202: obtaining a target transaction, wherein the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction includes second user identification information of the second user.
In this specification embodiment, a target intelligent contract requires a trigger invocation through multiple transactions initiated by multiple agencies for invoking the target intelligent contract, and parameters sent by different agencies for invoking the target intelligent contract may be different. For example, when a first organization has user basic data submitted by a user, and a second organization needs to obtain a verification result obtained by verifying the user basic data at the first organization, the transaction parameters of a first transaction sent by the first organization for invoking a target smart contract should include the user basic data and user identification information of the first user, and the transaction parameters of a second transaction sent by the second organization for invoking the target smart contract may include identification information of a second user that the second organization needs to obtain the user verification result. Therefore, when the target intelligent contract is executed, the user basic data in the transaction parameters of the first transaction can be verified to obtain a user verification result, and the user verification result which needs to be fed back to the second organization is determined according to the transaction parameters of the second transaction.
In practical application, in order to prevent the data transmission process from being illegally tampered, the parameters of the first transaction sent by the first organization further include the signature of the first organization, and the parameters of the second transaction sent by the second organization further include the signature of the second organization. For example, the second institution may digitally sign the transmitted user identification information of the second user with its own private key, and accordingly, the receiver (e.g., the privacy calculation unit herein) may verify the signature with the public key of the second institution, and if the verification is passed, the receiver may confirm that the received second transaction was transmitted by the financial institution and that the received content is complete and has not been tampered with.
Step 204: and updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain first updated cumulative calling information.
In the embodiment of the specification, since the execution of the target intelligent contract needs to be triggered according to a plurality of transactions for invoking the target intelligent contract, in the process of acquiring each transaction in all transactions required for triggering the target intelligent contract, the acquired transaction information of each transaction is accumulated to form accumulated invoking information for the target intelligent contract. Thus, each time a transaction for invoking the target smart contract is received, the cumulative invocation information needs to be updated according to the transaction information of the transaction.
In an embodiment of the present specification, a target transaction may represent a currently received transaction for invoking a target smart contract. The transaction information of the target transaction may include: identity identification information of a transaction initiator, parameter data carried by the transaction and the like. In practical applications, the identification information of the transaction initiator may be determined from the from field in the transaction. And the parameter data carried by the transaction can be determined according to the data field in the transaction.
In an embodiment of the present specification, the generating of the accumulated invoking information according to the obtained one or more transaction information for invoking the transaction of the target smart contract may include: the parameter data included in the one or more transactions, the identification information of the transaction initiator of the one or more transactions, the calling sequence of the one or more transactions to the target intelligent contract, the transaction quantity of the first transaction and the second transaction in the one or more transactions, and the like.
Step 206: and judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result.
In the embodiment of the present specification, an execution condition may be set for the target intelligent contract, and the execution condition may be understood as a precondition for the privacy computation unit to execute the target intelligent contract. In other words, when the accumulated calling information obtained according to the acquired transaction information of the transactions for calling the target intelligent contract meets the execution condition, the privacy calculation unit may execute the target intelligent contract in response to the transactions. And if the accumulated calling information obtained according to the acquired one or more transaction information for calling the transaction of the target intelligent contract does not meet the execution condition, the privacy calculation unit can continuously wait for receiving the transaction for calling the target intelligent contract and update the accumulated calling information for the target intelligent contract according to the subsequently received transaction information for calling the transaction of the target intelligent contract so as to judge whether the updated accumulated calling information meets the execution condition, and if so, the target intelligent contract is executed.
In this embodiment, the execution condition for the target intelligent contract may be flexibly set according to actual requirements. For example, the execution condition may include: the data category condition of the transaction parameters, the quantity condition of the transaction parameters, the identity condition of the contract invoker, the transaction sequence condition initiated between the contract invokers, the transaction quantity condition initiated by the contract invoker and the like.
For ease of understanding, the implementation of step 206 is explained.
Specifically, step 206 may include: and judging whether the transaction quantity in the first updated accumulated calling information meets the transaction quantity condition defined in the execution condition.
The transaction quantity condition is that a first transaction quantity condition and a second transaction quantity condition are simultaneously satisfied; the first transaction quantity condition is that the transaction quantity of the first transaction reaches a third threshold; the second transaction amount condition is that the transaction amount of the second transaction reaches a fourth threshold.
In the embodiment of the present specification, the third threshold and the fourth threshold may be set according to actual requirements, for example, the third threshold is set to be 3, and the fourth threshold is set to be 4. If it is assumed that 3 first transactions and 3 second transactions are acquired before the target transaction is acquired, if the target transaction acquired this time is the second transaction, the first updated accumulated call information generated according to the transaction information of the target transaction may indicate that the 3 first transactions and the 4 second transactions are acquired, and the target intelligent contract may be executed according to the execution condition. And if the target transaction is the first contract, the first updated accumulated calling information can indicate that 4 first transactions and 3 second transactions are acquired, the execution conditions are not met, the transactions for calling the target intelligent contract need to be acquired continuously, and the target intelligent contract can not be executed until one second transaction is acquired.
By enabling the privacy calculation unit to execute the target intelligent contract to generate the user verification result after receiving a plurality of transactions for calling the target intelligent contract, resources consumed by high-frequency execution of the target intelligent contract can be reduced, and the resource utilization rate of the privacy calculation unit is improved.
Of course, the third threshold and the fourth threshold may also be both set to 1, and the target intelligent contract may be invoked after 1 first transaction and 1 second transaction are obtained respectively. The implementation mode is favorable for improving the instantaneity of generating the user verification result by using the target intelligent contract, and further the privacy calculation unit can quickly feed back the user verification result to the second mechanism.
Step 206 may also include: and judging whether the transaction sequence information initiated between the contract calling parties in the first updated cumulative calling information meets the transaction sequence condition defined in the execution condition.
For example, assuming that the transaction sequence condition is that the second transaction and the first transaction are received in sequence, if the transaction for invoking the target intelligent contract received before the target transaction is a first transaction, the target transaction received this time should be the second transaction, and then the execution of the target intelligent contract can be triggered.
Step 206 may also include: and judging whether the identity identification information of the transaction initiator in the first updated accumulated calling information meets the identity condition of the calling party aiming at the target intelligent contract defined in the execution condition.
For example, the identity condition for the caller of the target intelligent contract is that the contract caller includes a first organization and a second organization.
If the transaction for invoking the target smart contract received before the target transaction includes a transaction initiated by a third institution other than the first institution and the second institution, the execution of the target smart contract may be denied even if the transaction for invoking the target smart contract sent by the first institution and the second institution has been received. Thereby avoiding lawless persons from calling the target intelligent contract. Or, based on the identity condition of the caller for the target intelligent contract, the transactions initiated by the first mechanism and the second mechanism and used for calling the target intelligent contract are screened, the transactions initiated by the mechanisms except the first mechanism and the second mechanism and used for calling the target intelligent contract are eliminated, if the caller of the contract corresponding to the screened transactions includes both the first mechanism and the second mechanism, the caller can be determined to be in accordance with the execution condition, and the target intelligent contract can be executed according to the transaction parameters of the screened transactions.
Step 206 may also include: and judging whether the transaction parameters contained in the first updated cumulative calling information meet the transaction parameter conditions defined in the execution conditions.
Wherein the transaction parameter condition may include: at least one of the first transaction parameter condition and the second transaction parameter condition is satisfied; the first transaction parameter condition is that the amount of encrypted user base data of the first user reaches a first threshold; the second transaction parameter condition is that a quantity of second user identification information of the second user reaches a second threshold.
For example, assume that the first threshold is 100 and the second threshold is 200. If 3 first transactions are received before the target transaction, user basic data of 110 first users are acquired accumulatively, and user IDs of 180 second users are acquired accumulatively after 4 first transactions are received, if the target transaction is a second transaction carrying at least 20 user IDs of the second users, the accumulated calling information conforms to the execution condition for the target intelligent contract, and the target intelligent contract can be executed.
By enabling the privacy computing unit to execute the target intelligent contract to generate the user verification data after receiving the user basic data and the user identification information of a large number of users to be verified, the frequency of executing the target intelligent contract can be reduced, and therefore the resource utilization rate of the privacy computing unit is improved.
In the embodiment, the execution condition for the target intelligent contract may be recorded in the contract code of the target intelligent contract, or in the program code other than the target intelligent contract in the code in the privacy computing unit, which is not particularly limited.
Step 208: if the first judgment result shows that the first updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain a user verification result; the user authentication result is an authentication result obtained by authenticating the user basic data of the second user.
In this embodiment, the target intelligent contract may generate a user verification result corresponding to the user identification information sent by the second mechanism according to the user basic data sent by the first mechanism.
For understanding, the KYC verification scenario is still taken as an example for explanation.
Assume that the target smart contract is used to generate KCY authentication results for the user. When the target intelligent contract is executed, the target intelligent contract can acquire the user identification information of the second user sent by the second mechanism, and determine whether the first mechanism sends the user basic data corresponding to the user identification information of the second user, if so, the KYC verification can be performed on the user basic data, so that a second KYC verification result is obtained.
The first user or the second user may be an individual user, an enterprise user, or the like. For individual users, the basic data of these users may include part or all of the information of the individual's name, gender, nationality, certificate type, certificate number, age, occupation, cell phone number, contact address, etc. For enterprise users, the basic data of these users may include some or all of the information such as the name of the enterprise, the license number, the location address, the name of the legal representative, the certificate type, the certificate number, and the expiration date. This is not particularly limited.
For ease of understanding, the process of KYC verification of a second user belonging to an individual user is illustrated, for example, one may verify: whether the name format is correct or not, if so, whether the name format is composed of 2-5 bits of Chinese characters or not; whether the gender format is correct, e.g., male or female; whether the mobile phone number is correct, such as whether the mobile phone number is 11 digits, and the beginning of the mobile phone number is fields of 13, 15, 17, 18, 19 and the like; whether the contact address is correct, such as a string of characters containing provincial/autonomous region/city of prefecture through street number, etc. Thus, a KYC test result of the second user may be obtained. The KYC test result may specifically be, for example: { user identification information, KYC check result }. Wherein the KYC test result is, for example, pass or fail.
Step 210: and sending the user authentication result to the second institution.
In the embodiment of the present specification, the privacy computation unit may send the user authentication result directly to the second entity, or may send the user authentication result to a specified storage service medium, and then the user authentication result is pulled from the storage service medium by the second entity. This is not particularly limited.
Therefore, the user verification result is shared to the second mechanism through the privacy calculation unit, so that the second mechanism can also obtain the verification result of the user under the condition that the user basic data submitted by the user at the first mechanism is not obtained, and the supervision or service requirements are met.
In practical applications, in order to prevent the data from being illegally tampered during the data transmission process, step 210 may specifically include: sending the user verification result digitally signed by using a private key stored in a TEE in the privacy computing unit to the second organization; or sending the user verification result digitally signed by the corresponding private key of the target intelligent contract to the second organization. The second organization can thus confirm that the received user authentication result was sent by the privacy computing unit and that the received content was intact and not tampered with, after passing the signature authentication of the user authentication result.
It should be understood that the order of some steps in the method described in one or more embodiments of the present disclosure may be interchanged according to actual needs, or some steps may be omitted or deleted.
In the method shown in fig. 2, the privacy computation unit needs to trigger the execution of the target intelligent contract according to the multiple transactions initiated by the first mechanism and the second mechanism and used for invoking the target intelligent contract, so that the requirement that the intelligent contract can be executed only by invoking the same intelligent contract by multiple parties is met. The verification result of the user generated by the privacy calculation unit is obtained by verifying the user basic data sent by the first mechanism by using the target intelligent contract, so that the credibility of the user verification result can be ensured, and the credibility of the required user verification result obtained by the second mechanism from the privacy calculation unit can be ensured.
The method in fig. 2 can enable the second mechanism to obtain the user authentication result without obtaining the user basic data from the first mechanism, thereby realizing the sharing of the user basic data and the user authentication result. Meanwhile, the user basic data sent to the privacy computing unit by the first mechanism are encrypted, so that the user basic data leakage caused in the data sharing process can be avoided, and the privacy of the user basic data is ensured.
Based on the method of fig. 2, the present specification also provides some specific embodiments of the method, which are described below.
In an embodiment of the present specification, if the first updated accumulated call information generated according to the obtained target transaction does not satisfy the execution condition for the target intelligent contract, the privacy calculation unit may continue to obtain the transaction for calling the target intelligent contract, and execute the target intelligent contract after the accumulated call information generated according to the obtained transaction information for calling the target intelligent contract satisfies the execution condition.
Therefore, after obtaining the first determination result in step 206, the method in fig. 2 may further include:
step 212: and if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition, continuing to acquire the transaction for calling the target intelligent contract.
Specifically, if the first judgment result indicates that the first updated cumulative call information does not satisfy the execution condition, the specified transaction may be acquired; the designated transaction is a transaction initiated by the first or second institution subsequent to the target transaction to invoke the target smart contract.
And updating the first updated accumulated calling information according to the transaction information of the appointed transaction to obtain second updated accumulated calling information.
And judging whether the second updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a second judgment result.
And if the second judgment result shows that the second updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain the user verification result.
In this embodiment of the present specification, an implementation manner of updating the first updated cumulative call information according to the transaction information of the specified transaction may be the same as an implementation manner of updating the cumulative call information for the target intelligent contract according to the transaction information of the target transaction. The implementation manner of determining whether the second updated cumulative call information satisfies the execution condition for the target intelligent contract may be the same as the implementation manner of determining whether the first updated cumulative call information satisfies the execution condition for the target intelligent contract. This will not be described in detail.
Alternatively, in the method of fig. 2, the first institution may be a sales agent for selling financial products offered by the financial institution, and the second institution may be the financial institution.
For ease of understanding, the KYC service scenario in which the method in fig. 2 is applied in anti-money laundering is explained.
In embodiments of the present description, the affiliate may utilize its own platform or its own direct customer-oriented capabilities to sell financial products offered by the financial institution. For example, a bank may sell fund products on behalf of a fund company, or insurance products on behalf of an insurance agency, etc. As another example, the payment platform may sell fund products on behalf of fund companies, or insurance products on behalf of insurance institutions, or the like. Since the user can purchase the financial products provided by the financial institution through the affiliate, the affiliate can require the user to provide basic data for KYC verification, so that the affiliate can acquire the basic data submitted by the user. In practical applications, the affiliate may prompt the user to provide the basic data when the user registers, or may request the user to provide the basic data when the user initiates purchase of the financial product through the affiliate platform, which is not limited in particular.
In the embodiment of the specification, since most of the user basic data is relatively sensitive and is not expected to be output to the agency, the financial institution cannot obtain the user basic data submitted by the user, and cannot perform KYC verification by itself. Therefore, the financial institution needs to directly acquire the KYC verification result of the user, and the affiliate can provide basic data of the user required by KYC verification. The first mechanism may thus be a proxy mechanism. Correspondingly, the second institution may be a financial institution.
In this embodiment, the first mechanism may assign unique user identification information, i.e., user id (identity document), to the user at the first mechanism. For example, the user ID may be an account number that the user registered with the first organization; alternatively, the user initiates a purchase operation at the first institution with an account assigned to the user by the system of the first institution. Such an account number may be, for example, a string of characters. The user ID should be able to uniquely identify a user.
For an individual user, the user ID may also be an identification number if the certificate type is unified with the identification card. However, the identification number is actually private data belonging to an individual, and therefore, in view of avoiding disclosure of the individual private data, the identification number can be subjected to hash processing. Since the hash calculation has the characteristics of one direction and hiding of original information, and the good hash function has the anti-collision capability, that is, the great probability of the hash values obtained by different inputs is different, the hash calculation result (or called abstract value) can be used as the user ID. The same principle is applied to mobile phone numbers. That is, the user ID may be a digest value obtained by hashing one or more items of information of the user.
Similarly, the hash calculation may be performed after data of a group of users are sequentially spliced, and the obtained digest value is used as the user ID, for example, the digest value obtained by hash (name + certificate type + certificate number) is used as the user ID, where "+" may indicate sequential splicing of front and back characters. The anti-money laundering KYC generally has higher requirements on data security, and in order to further enhance data security protection, salt adding operation can be adopted in hash calculation, for example, hash (name + certificate type + certificate number + salt), which is a value generated according to a predetermined rule. It can be seen that the user ID may also be a digest value calculated by adding salt to one or more items of information of the user.
In the embodiment of the present specification, after acquiring basic data of a user, a first institution (e.g., a affiliate) may transmit a user ID of the user to a second institution (e.g., a financial institution) so that the second institution de-privacy calculation unit requests acquisition of a KYC verification result corresponding to the user ID. It can be seen that the user identification information of the second user carried in the second transaction sent by the second organization may be a user ID allocated to the second user by the first organization. That is, both the user identification information of the first user and the user identification information of the second user can be implemented by using the above implementation manner of the user ID, which is not described again.
In this embodiment of the present specification, the first mechanism may send the user identification information of the second user to the second mechanism directly, or may send the user identification information of the second user to the second mechanism through the privacy calculation unit, which is not limited in particular. In practical application, in order to protect the security and privacy during the transmission process of the user identification information, the first mechanism may encrypt the user ID by adopting a symmetric encryption or asymmetric encryption method and then send the encrypted user ID to the second mechanism. If symmetric encryption is adopted, namely the encryption key and the decryption key are the same key, the key pair can be obtained by a key negotiation process between the first mechanism and the second mechanism; for the situation of adopting asymmetric encryption, that is, an encryption key and a decryption key are two different but corresponding keys, one of which is a public key for encryption and the other is a private key for decryption, a first mechanism can generally adopt the public key of a second mechanism to encrypt a user ID and then send the user ID to the financial mechanism, and then the second mechanism adopts the corresponding private key for decryption to recover and obtain the user ID.
Similarly, the first identification information of the first user and the second identification information of the second user, which are sent to the privacy computing unit by the first organization and the second organization through the target transaction, may also be encrypted. The principle of encryption of the first identification information and the second identification information by the first mechanism and the second mechanism may be the same as the principle of encryption of the user ID transmitted to the second mechanism by the first mechanism. This will be described in detail.
In this embodiment of the present specification, since it is necessary to complete the invocation of the target intelligent contract together according to multiple transactions initiated by multiple mechanisms, a corresponding state machine may be configured for the target intelligent contract, and a final state of the state machine may correspond to an execution condition for the target intelligent contract, so that when the accumulated invocation information for the target intelligent contract meets the execution condition, the state machine is switched to the final state to automatically trigger the execution of the target intelligent contract.
The state machine corresponding to the target intelligent contract may be configured in the chain code of the block chain node where the privacy computation unit is located, or configured in the contract code of the target intelligent contract, or configured in the contract account of the target intelligent contract, or configured in the program code of the privacy computation unit other than the contract code of the target intelligent contract, which is not particularly limited.
Specifically, the method in fig. 2 may further include:
and if the first judgment result shows that the first updated accumulated calling information meets the execution condition, switching the state machine corresponding to the target intelligent contract to a final state, wherein the final state is used for indicating to execute the contract code of the target intelligent contract.
In practical application, when the first determination result indicates that the first updated cumulative call information does not satisfy the execution condition, an intermediate state of a state machine corresponding to the target intelligent contract may be determined according to the first updated cumulative call information. The intermediate state may indicate that a transaction for invoking the target smart contract is subsequently received, such that whether to execute the target smart contract is determined based on subsequently received transactions.
In practical application, the state machine may include one or more intermediate states, and different intermediate states are provided with corresponding different intermediate state conditions, so that the intermediate state to which the state machine corresponding to the target intelligent contract needs to be switched may be determined according to the determined intermediate state condition to which the first updated cumulative call information conforms.
For the convenience of understanding, a KYC verification scenario is still taken as an example to explain the information sharing scheme provided by the embodiments of the present specification.
For example, assume that the state machine for the target intelligent contract sets two intermediate states and one final state. The following table shows the corresponding preset state conditions set for the intermediate and final states of the state machine. And the preset state condition set for the final state is the execution condition for the target intelligent contract.
Preset state conditions The state machine is in
The first mechanism submits the ID of the first user and the user basic data of the first user. Intermediate state 1
The second organization submits the ID of the second user. Intermediate state 2
The first mechanism submits the ID of the first user and the user basic data of the first user. And the second organization submits the ID of the second user. Final state
Assuming that a transaction submitted by a second organization to invoke a target smart contract that includes an ID of a second user is currently received, then the accumulated invocation information for the target smart contract may be updated to "the second organization submitted the ID of the second user". At this point, the state machine corresponding to the target smart contract may be switched from the initial state to intermediate state 2.
Then, continuing to receive the transaction which is submitted by the first organization and contains the ID of the first user and the user basic data of the first user and is used for calling the target intelligent contract; then, the cumulative call information may be updated to "the second organization submits the ID of the second user; the first mechanism submits the first user's ID and the first user's user base data ". At this time, the state machine corresponding to the target smart contract may be switched from the intermediate state 2 to the final state, so that KYC verification of the user basic data corresponding to the ID of the second user may be performed by the target smart contract, and a user verification result may be obtained.
In practical applications, when the accumulated call information generated according to the received transaction information for calling the transaction of the target intelligent contract does not satisfy any preset state condition for the state machine, it may be indicated that the received transaction for calling the target intelligent contract has a problem, for example, the transaction is a transaction sent by an organization other than the first organization and the second organization, that is, an illegal organization calls the target intelligent contract, and therefore, the error report information may be output. So that the manager of the privacy computation unit can supervise the use process of the target intelligent contract. At this moment, the state machine corresponding to the target intelligent contract can be reset to the initial state, so that the safety of the target intelligent contract using process is improved.
In the embodiment of the present specification, in order to further improve the security of data transmission, that is, although encrypted data is transmitted, it is not desirable for an incorrect receiving party to receive the encrypted data, therefore, before the first and second organizations send target transactions to the privacy calculation unit, the privacy calculation unit needs to prove the identity of the privacy calculation unit to the second organization. Before sending the user verification result to the second institution, the privacy calculation unit can also confirm the identity of the other party, namely the second institution. Namely, the second mechanism is determined to be a mechanism meeting the preset condition.
In the embodiments of the present specification, there are several ways to confirm the identity of the other party, and an implementation manner using a distributed digital identity technology that incorporates a blockchain is listed here. The blockchain may provide a decentralized (or weakly centralized), non-tamperable (or difficult to tamper) and trusted distributed ledger, and may provide a secure, stable, transparent, auditable, and efficient way to log transactions and data information interactions. The blockchain network may include a plurality of nodes. Typically one or more nodes of a blockchain are attributed to a participant. In general, the more participants in a blockchain network, the more authoritative the participants are, and the higher the trustworthiness of the blockchain network is. A blockchain network formed by a plurality of participants is referred to herein as a blockchain platform. With the blockchain platform, the identity of various organizations can be verified.
Since the principle employed in the authentication process between the privacy computing unit and the first institution and the second institution may be the same, for the convenience of understanding, the process of authenticating the identity of the second institution (i.e. the financial institution) by the privacy computing unit is taken as an example and is illustrated here.
To use the distributed digital identity service provided by the blockchain platform, the financial institution may register its own identity in the blockchain platform. For example, a financial institution may create a pair of public and private keys, the private key being stored securely, and may create a distributed digital identity (also known as Decentralized identifiers, DID). In practical applications, the DID may be created by the financial institution itself, or may be created by requesting a Distributed Identity Service (DIS) system, which is not particularly limited. DIS is an identity management scheme based on a block chain, and can provide functions of creating, verifying, managing and the like of digital identities, thereby realizing standardized management and protection of entity data, ensuring the authenticity and efficiency of information transfer, and solving the problems of cross-organization identity authentication, data cooperation and the like. The DIS system may be connected to a blockchain platform. A DID can be created for the financial institution through the DIS system, the DID and the public key are sent to the blockchain platform for storage, and the created DID is returned to the financial institution. The public key may be included into a DIDdoc, which may be stored in a blockchain platform. The DIS creates a DID for the financial institution, which may be created based on a public key sent by the financial institution, for example, by calculating the public key of the financial institution using a Hash function, or may be created according to other information of the financial institution (which may or may not include the public key). The latter may require the financial institution to provide some information beyond the public key. The financial institution may then provide a verification function to prove itself to the other party as a financial institution.
Fig. 3 is a flowchart illustrating a method for verifying an identity of a financial institution by a privacy computing unit according to an embodiment of the present disclosure, where, as shown in fig. 3:
step 302: the financial institution initiates a DID creation request to the DIS, wherein the request comprises a public key of the financial institution.
Step 304: responding to the creation request, the DIS creates a DID and a corresponding DIDdoc for the financial institution, and sends the DID and the corresponding DIDdoc to a block chain platform for storage, wherein the DIDdoc comprises a public key of the financial institution.
Step 306: the block chain platform receives a verification request sent by a privacy computing unit, wherein the verification request comprises the DID of the financial institution; and the block chain platform takes out the DIDdoc corresponding to the DID of the financial institution from the self storage and returns the DIDdoc to the privacy calculation unit.
Step 308: the privacy calculation unit generates a character string and transmits the character string to the financial institution.
Step 310: the financial institution signs the string with its private key and returns to the privacy computation unit.
Step 312: and the privacy calculation unit verifies whether the returned signature is correct by using the received public key in the DIDdoc, and if so, the identity of the financial institution is confirmed. So that it can be determined whether the financial institution is an institution complying with the preset regulation.
It can be seen that the flow in fig. 3 allows the privacy calculation unit to verify the identity of the financial institution. S306, S308, and S310 do not have a strict sequence, and are not particularly limited.
In an embodiment of the present specification, the privacy computation unit may further send a proof of the user authentication result to the blockchain for subsequent use.
Therefore, the method in fig. 2 may further include: and sending the certification of the user authentication result to a block chain network. The blockchain network storing the user authentication result and the blockchain network deployed with the privacy computing platform may be the same blockchain network or different blockchain networks, which is not specifically limited.
The proof of the user verification result may comprise a Verifiable statement (VC) signed by the privacy computation unit. VC is also an important application in DID. The VCs may be stored in a blockchain platform. For example, the content of the VC includes that the user basic data corresponding to a certain user ID/user IDs has/have been verified by the privacy computation unit according to a predetermined rule, and is signed by the privacy computation unit; or a hash value comprising the user authentication result and signed by the privacy calculation unit. I.e. the proof of the verification result may comprise: the verifiable statement signed by the privacy computation unit, or the hash value signed by the privacy computation unit, wherein the hash value is obtained by performing hash computation on the user verification result.
When the method in fig. 2 is applied to a KYC verification scenario, the supervising authority may verify VC through a block chain in addition to obtaining KYC verification results of the user from the second authority when checking the verification results, such as KYC, of the user by the second authority. Specifically, the supervision authority may obtain a public key in the DIDdoc of the privacy computing unit from a block chain, and verify a KYC verification result of the user ID of the second authority, and further verify the signature of the VC by using the public key of the privacy computing unit, thereby confirming that the VC is issued by the privacy computing unit and is complete, that is, has not been tampered with. In this way, based on the non-tamperable nature of the blockchain platform and the trustworthiness of the signature authority, authenticity approval of the KYC verification result provided by the second authority may be promoted. The trustworthiness of the signing authority, i.e. the trustworthiness of the private computing unit or the target intelligent contract, may be achieved by auditing the identity of the private computing unit and the contract code deployed therein. The identity of the privacy computing unit may be audited, and may be verified as authentic, for example, by the challenge initiating process described above.
Thus, through the scheme in the embodiment, the institution which is incapable of anti-money laundering work originally can be enabled, so that the institution (for example, the second institution, namely the financial institution) can have the KYC verification result of the user who purchases the financial product, thereby meeting the stipulated anti-money laundering obligation and improving the KYC verification capability of the whole industry.
Based on the same idea, the embodiment of the present specification further provides a device corresponding to the above method. Fig. 4 is a schematic structural diagram of an information sharing device corresponding to fig. 2 according to an embodiment of the present disclosure. The apparatus may be applied to a privacy computing unit, as shown in fig. 4, and may include:
a first obtaining module 402, configured to obtain a target transaction, where the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction includes second user identification information of the second user.
The first updating module 404 is configured to update the cumulative call information for the target intelligent contract according to the transaction information of the target transaction, so as to obtain first updated cumulative call information.
A first determining module 406, configured to determine whether the first updated cumulative call information meets an execution condition for the target intelligent contract, so as to obtain a first determination result.
A first executing module 408, configured to execute the contract code corresponding to the target intelligent contract to obtain a user verification result if the first determination result indicates that the first updated cumulative call information meets the executing condition; the user authentication result is an authentication result obtained by authenticating the user basic data of the second user.
A first sending module 410, configured to send the user authentication result to the second institution.
Optionally, the first institution is a affiliate institution, and the second institution is a financial institution.
Optionally, the first user identification information includes an account registered by the first user at the first mechanism, or an account allocated by a system of the first mechanism to the first user when the first user initiates a purchase operation at the first mechanism.
The second user identification information comprises an account number registered by the second user at the first mechanism, or an account number distributed to the second user by a system of the first mechanism when the second user initiates a purchase operation at the first mechanism.
Optionally, the second user identification information is the user identification information of the second user, which is sent to the second mechanism by the first mechanism after the first mechanism acquires the user basic data of the second user.
Optionally, the first user identification information includes: carrying out hash calculation on one or more items of information of the first user to obtain an abstract value; the second user identification information includes: and carrying out hash calculation on one or more items of information of the second user to obtain a summary value.
Optionally, the first user identification information includes: calculating the summary value of one or more items of information of the first user through salting and hashing; the second user identification information includes: and calculating the summary value of one or more items of information of the second user by adding salt and hashing.
Optionally, the first obtaining module 402 may be specifically configured to:
obtaining a target transaction using the privacy computation unit deployed on a blockchain.
Or, acquiring the target transaction by utilizing the privacy calculation unit deployed under the blockchain.
Optionally, the apparatus in fig. 4 may further include:
a first attestation module to attest, by the privacy computing unit, an identity of the privacy computing unit to the first authority.
A second attestation module to attest, by the privacy computing unit, an identity of the privacy computing unit to the second institution.
Optionally, the parameter of the first transaction further comprises a signature of the first institution; the parameters of the second transaction also include a signature of the second institution.
Optionally, the first user identification information included in the parameter of the first transaction is encrypted; the second user identification information included in the parameters of the second transaction is encrypted.
Optionally, the first determining module 406 may be specifically configured to:
and judging whether the transaction parameters contained in the first updated cumulative calling information meet the transaction parameter conditions defined in the execution conditions.
Optionally, the transaction parameter condition includes: at least one of the first transaction parameter condition and the second transaction parameter condition is satisfied.
The first transaction parameter condition is that the amount of encrypted user base data of the first user reaches a first threshold; the second transaction parameter condition is that a quantity of second user identification information of the second user reaches a second threshold.
Optionally, the first determining module 406 may be specifically configured to:
and judging whether the identity identification information of the transaction initiator in the first updated accumulated calling information meets the identity condition of the calling party aiming at the target intelligent contract defined in the execution condition.
Optionally, the first determining module 406 may be specifically configured to:
and judging whether the transaction quantity in the first updated accumulated calling information meets the transaction quantity condition defined in the execution condition.
Optionally, the transaction quantity condition is that a first transaction quantity condition and a second transaction quantity condition are simultaneously satisfied; the first transaction quantity condition is that the transaction quantity of the first transaction reaches a third threshold; the second transaction amount condition is that the transaction amount of the second transaction reaches a fourth threshold.
Optionally, the third threshold is equal to 1; the fourth threshold is equal to 1.
Optionally, the apparatus in fig. 4 may further include:
the second obtaining module is used for obtaining the appointed transaction if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition; the designated transaction is a transaction initiated by the first or second institution subsequent to the target transaction to invoke the target smart contract.
And the second updating module is used for updating the first updated accumulated calling information according to the transaction information of the specified transaction to obtain second updated accumulated calling information.
And the second judgment module is used for judging whether the second updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a second judgment result.
And the second execution module is configured to execute the contract code corresponding to the target intelligent contract to obtain the user verification result if the second determination result indicates that the second updated cumulative call information satisfies the execution condition.
Optionally, the first sending module 410 may be specifically configured to:
and sending the user verification result digitally signed by the privacy computing unit to the second institution. Or sending the user verification result digitally signed by the target smart contract to the second institution.
Optionally, the apparatus in fig. 4 may further include:
and the determining module is used for determining that the second mechanism is a mechanism meeting the preset condition.
Optionally, the apparatus in fig. 4 may further include:
and the second sending module is used for sending the proof of the user verification result to the block chain network.
Optionally, the proving of the user verification result includes: a verifiable statement signed by the privacy computation unit; or, the hash value signed by the privacy computation unit is obtained by performing hash computation on the user verification result.
Optionally, the apparatus in fig. 4 may further include:
and the state switching module is used for switching the state machine corresponding to the target intelligent contract to a final state if the first judgment result shows that the first updated accumulated call information meets the execution condition, wherein the final state is used for indicating a contract code for executing the target intelligent contract.
And the state determining module is used for determining the intermediate state of the state machine corresponding to the target intelligent contract according to the first updated accumulated calling information if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition.
Based on the same idea, the embodiment of the present specification further provides a device corresponding to the above method.
Fig. 5 is a schematic structural diagram of an information sharing device corresponding to fig. 2 provided in an embodiment of this specification. As shown in fig. 5, the apparatus 500 may include:
at least one processor 510; and the number of the first and second groups,
a memory 530 communicatively coupled to the at least one processor; wherein,
the memory 530 stores instructions 520 executable by the at least one processor 510, the instructions 520 may be instructions in a privacy computing unit, the instructions 520 executable by the at least one processor 510 to enable the at least one processor 510 to:
obtaining a target transaction, wherein the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction includes second user identification information of the second user.
And updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain first updated cumulative calling information.
And judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result.
If the first judgment result shows that the first updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain a user verification result; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and sending the user authentication result to the second institution.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus shown in fig. 5, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to part of the description of the method embodiment.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital character system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate a dedicated integrated circuit chip. Furthermore, nowadays, instead of manually making an integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Language Description Language), traffic, pl (core unified Programming Language), HDCal, JHDL (Java Hardware Description Language), langue, Lola, HDL, laspam, hardsradware (Hardware Description Language), vhjhd (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (45)

1. An information sharing method is applied to a privacy computing unit and comprises the following steps:
obtaining a target transaction, wherein the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction comprises second user identification information of a second user;
updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain first updated cumulative calling information;
judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result;
if the first judgment result shows that the first updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain a user verification result; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and sending the user authentication result to the second institution.
2. The method of claim 1, wherein the first institution is a affiliate and the second institution is a financial institution.
3. The method of claim 2, wherein the first user identification information comprises an account number registered by the first user at the first organization or an account number assigned by a system of the first organization to the first user when the first user initiates a purchase operation at the first organization;
the second user identification information comprises an account number registered by the second user at the first mechanism, or an account number distributed to the second user by a system of the first mechanism when the second user initiates a purchase operation at the first mechanism.
4. The method as claimed in claim 3, wherein the second user identification information is the user identification information of the second user sent to the second organization by the first organization after the user basic data of the second user is obtained.
5. The method of claim 3, the first subscriber identity information comprising: carrying out hash calculation on one or more items of information of the first user to obtain an abstract value;
the second user identification information includes: and carrying out hash calculation on one or more items of information of the second user to obtain a summary value.
6. The method of claim 5, the first subscriber identity information comprising: calculating the summary value of one or more items of information of the first user through salting and hashing;
the second user identification information includes: and calculating the summary value of one or more items of information of the second user by adding salt and hashing.
7. The method according to claim 1 or 2, wherein the obtaining of the target transaction specifically comprises:
obtaining a target transaction with the privacy computation unit deployed on a blockchain;
or, acquiring the target transaction by utilizing the privacy calculation unit deployed under the blockchain.
8. The method of claim 7, prior to obtaining the target transaction, further comprising:
the privacy computing unit attesting to the first authority an identity of the privacy computing unit;
the privacy computing unit attests to the second authority an identity of the privacy computing unit.
9. The method of claim 7, the parameters of the first transaction further comprising a signature of the first institution; the parameters of the second transaction also include a signature of the second institution.
10. The method of claim 7, the first user identification information included in the parameters of the first transaction being encrypted; the second user identification information included in the parameters of the second transaction is encrypted.
11. The method according to claim 1 or 2, wherein the determining whether the first updated cumulative call information satisfies the execution condition for the target intelligent contract specifically includes:
and judging whether the transaction parameters contained in the first updated cumulative calling information meet the transaction parameter conditions defined in the execution conditions.
12. The method of claim 11, the transaction parameter condition comprising: at least one of the first transaction parameter condition and the second transaction parameter condition is satisfied;
the first transaction parameter condition is that the amount of encrypted user base data of the first user reaches a first threshold; the second transaction parameter condition is that a quantity of second user identification information of the second user reaches a second threshold.
13. The method according to claim 1 or 2, wherein the determining whether the first updated cumulative call information satisfies the execution condition for the target intelligent contract specifically includes:
and judging whether the identity identification information of the transaction initiator in the first updated accumulated calling information meets the identity condition of the calling party aiming at the target intelligent contract defined in the execution condition.
14. The method of claim 1 or 2, wherein the determining whether the first updated cumulative invocation information satisfies an execution condition for the target smart contract comprises:
and judging whether the transaction quantity in the first updated accumulated calling information meets the transaction quantity condition defined in the execution condition.
15. The method of claim 14, wherein the transaction quantity condition is that a first transaction quantity condition and a second transaction quantity condition are satisfied simultaneously;
the first transaction quantity condition is that the transaction quantity of the first transaction reaches a third threshold; the second transaction amount condition is that the transaction amount of the second transaction reaches a fourth threshold.
16. The method of claim 15, the third threshold being equal to 1; the fourth threshold is equal to 1.
17. The method according to claim 1 or 2, wherein the determining whether the first updated cumulative call information satisfies the execution condition for the target intelligent contract further includes, after obtaining a first determination result:
if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition, acquiring the appointed transaction; the designated transaction is a transaction initiated by the first or second institution subsequent to the target transaction to invoke the target smart contract;
updating the first updated accumulated calling information according to the transaction information of the appointed transaction to obtain second updated accumulated calling information;
judging whether the second updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a second judgment result;
and if the second judgment result shows that the second updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain the user verification result.
18. The method according to claim 1 or 2, wherein the sending the user authentication result to the second organization specifically comprises:
sending the user verification result digitally signed by the privacy computing unit to the second institution;
or sending the user verification result digitally signed by the target smart contract to the second institution.
19. The method of claim 1 or 2, prior to sending the user authentication result to the second institution, further comprising:
and determining that the second mechanism is a mechanism meeting a preset condition.
20. The method of claim 1 or 2, further comprising:
and sending the certification of the user authentication result to a block chain network.
21. The method of claim 20, the proof of the user authentication result comprising:
a verifiable statement signed by the privacy computation unit;
or, the hash value signed by the privacy computation unit is obtained by performing hash computation on the user verification result.
22. The method of claim 1 or 2, further comprising:
if the first judgment result shows that the first updated accumulated calling information meets the execution condition, switching the state machine corresponding to the target intelligent contract to a final state, wherein the final state is used for indicating a contract code for executing the target intelligent contract;
and if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition, determining an intermediate state of a state machine corresponding to the target intelligent contract according to the first updated accumulated calling information.
23. An information sharing device applied to a privacy computing unit comprises:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring a target transaction, and the target transaction is a first transaction initiated by a first mechanism and used for invoking a target intelligent contract or a second transaction initiated by a second mechanism and used for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction comprises second user identification information of a second user;
the first updating module is used for updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain the first updated cumulative calling information;
the first judgment module is used for judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result;
the first execution module is used for executing the contract code corresponding to the target intelligent contract to obtain a user verification result if the first judgment result shows that the first updated accumulated calling information meets the execution condition; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and the first sending module is used for sending the user verification result to the second mechanism.
24. The apparatus of claim 23, wherein the first institution is a sponsoring institution and the second institution is a financial institution.
25. The apparatus of claim 24, wherein the first user identification information comprises an account number registered by the first user at the first organization or an account number assigned by a system of the first organization to the first user when the first user initiates a purchase operation at the first organization;
the second user identification information comprises an account number registered by the second user at the first mechanism, or an account number distributed to the second user by a system of the first mechanism when the second user initiates a purchase operation at the first mechanism.
26. The apparatus according to claim 25, wherein the second user identification information is user identification information of the second user sent to the second organization by the first organization after the user basic data of the second user is obtained.
27. The apparatus of claim 25, the first subscriber identity information comprising: carrying out hash calculation on one or more items of information of the first user to obtain an abstract value;
the second user identification information includes: and carrying out hash calculation on one or more items of information of the second user to obtain a summary value.
28. The apparatus of claim 27, the first subscriber identity information comprising: calculating the summary value of one or more items of information of the first user through salting and hashing;
the second user identification information includes: and calculating the summary value of one or more items of information of the second user by adding salt and hashing.
29. The apparatus according to claim 23 or 24, wherein the first obtaining module is specifically configured to:
obtaining a target transaction with the privacy computation unit deployed on a blockchain;
or, acquiring the target transaction by utilizing the privacy calculation unit deployed under the blockchain.
30. The apparatus of claim 29, further comprising:
a first attestation module to attest, by the privacy computing unit, an identity of the privacy computing unit to the first authority;
a second attestation module to attest, by the privacy computing unit, an identity of the privacy computing unit to the second institution.
31. The apparatus of claim 29, the parameters of the first transaction further comprising a signature of the first institution; the parameters of the second transaction also include a signature of the second institution.
32. The apparatus of claim 29, the first user identification information included in the parameters of the first transaction is encrypted; the second user identification information included in the parameters of the second transaction is encrypted.
33. The apparatus according to claim 23 or 24, wherein the first determining module is specifically configured to:
and judging whether the transaction parameters contained in the first updated cumulative calling information meet the transaction parameter conditions defined in the execution conditions.
34. The apparatus of claim 33, the transaction parameter condition comprising: at least one of the first transaction parameter condition and the second transaction parameter condition is satisfied;
the first transaction parameter condition is that the amount of encrypted user base data of the first user reaches a first threshold; the second transaction parameter condition is that a quantity of second user identification information of the second user reaches a second threshold.
35. The apparatus according to claim 23 or 24, wherein the first determining module is specifically configured to:
and judging whether the identity identification information of the transaction initiator in the first updated accumulated calling information meets the identity condition of the calling party aiming at the target intelligent contract defined in the execution condition.
36. The apparatus according to claim 23 or 24, wherein the first determining module is specifically configured to:
and judging whether the transaction quantity in the first updated accumulated calling information meets the transaction quantity condition defined in the execution condition.
37. The apparatus of claim 36, wherein the transaction quantity condition is that a first transaction quantity condition and a second transaction quantity condition are satisfied simultaneously;
the first transaction quantity condition is that the transaction quantity of the first transaction reaches a third threshold; the second transaction amount condition is that the transaction amount of the second transaction reaches a fourth threshold.
38. The apparatus of claim 37, the third threshold equal to 1; the fourth threshold is equal to 1.
39. The apparatus of claim 23 or 24, further comprising:
the second obtaining module is used for obtaining the appointed transaction if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition; the designated transaction is a transaction initiated by the first or second institution subsequent to the target transaction to invoke the target smart contract;
the second updating module is used for updating the first updated accumulated calling information according to the transaction information of the appointed transaction to obtain second updated accumulated calling information;
the second judgment module is used for judging whether the second updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a second judgment result;
and the second execution module is configured to execute the contract code corresponding to the target intelligent contract to obtain the user verification result if the second determination result indicates that the second updated cumulative call information satisfies the execution condition.
40. The apparatus of claim 23 or 24, wherein the first sending module is specifically configured to:
sending the user verification result digitally signed by the privacy computing unit to the second institution;
or sending the user verification result digitally signed by the target smart contract to the second institution.
41. The apparatus of claim 23 or 24, further comprising:
and the determining module is used for determining that the second mechanism is a mechanism meeting the preset condition.
42. The apparatus of claim 23 or 24, further comprising:
and the second sending module is used for sending the proof of the user verification result to the block chain network.
43. The apparatus of claim 42, the proof of the user authentication result comprising:
a verifiable statement signed by the privacy computation unit;
or, the hash value signed by the privacy computation unit is obtained by performing hash computation on the user verification result.
44. The apparatus of claim 23 or 24, further comprising:
a state switching module, configured to switch a state machine corresponding to the target intelligent contract to a final state if the first determination result indicates that the first updated cumulative call information satisfies the execution condition, where the final state is used to indicate a contract code for executing the target intelligent contract;
and the state determining module is used for determining the intermediate state of the state machine corresponding to the target intelligent contract according to the first updated accumulated calling information if the first judgment result shows that the first updated accumulated calling information does not meet the execution condition.
45. An information sharing apparatus comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
obtaining a target transaction, wherein the target transaction is a first transaction initiated by a first mechanism for invoking a target intelligent contract or a second transaction initiated by a second mechanism for invoking the target intelligent contract; the parameters of the first transaction comprise first user identification information of a first user and encrypted user basic data of the first user; the parameter of the second transaction comprises second user identification information of a second user;
updating the cumulative calling information aiming at the target intelligent contract according to the transaction information of the target transaction to obtain first updated cumulative calling information;
judging whether the first updated accumulated calling information meets the execution condition aiming at the target intelligent contract or not to obtain a first judgment result;
if the first judgment result shows that the first updated accumulated calling information meets the execution condition, executing a contract code corresponding to the target intelligent contract to obtain a user verification result; the user verification result is a verification result obtained by verifying the user basic data of the second user;
and sending the user authentication result to the second institution.
CN202010898593.3A 2020-08-31 2020-08-31 Information sharing method, device and equipment Active CN111770112B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010898593.3A CN111770112B (en) 2020-08-31 2020-08-31 Information sharing method, device and equipment
US17/364,612 US11310244B2 (en) 2020-08-31 2021-06-30 Information sharing methods, apparatuses, and devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010898593.3A CN111770112B (en) 2020-08-31 2020-08-31 Information sharing method, device and equipment

Publications (2)

Publication Number Publication Date
CN111770112A true CN111770112A (en) 2020-10-13
CN111770112B CN111770112B (en) 2020-11-17

Family

ID=72729731

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010898593.3A Active CN111770112B (en) 2020-08-31 2020-08-31 Information sharing method, device and equipment

Country Status (2)

Country Link
US (1) US11310244B2 (en)
CN (1) CN111770112B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112541540A (en) * 2020-12-09 2021-03-23 上海硕恩网络科技股份有限公司 Data fusion method, device, equipment and storage medium
CN113285954A (en) * 2021-06-02 2021-08-20 网易(杭州)网络有限公司 Verifiable statement verification method, system, electronic device and storage medium
CN113765875A (en) * 2020-11-17 2021-12-07 北京京东乾石科技有限公司 Feedback method and device of data verification information

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210314293A1 (en) * 2020-04-02 2021-10-07 Hewlett Packard Enterprise Development Lp Method and system for using tunnel extensible authentication protocol (teap) for self-sovereign identity based authentication
KR102610011B1 (en) * 2021-10-21 2023-12-04 고려대학교 산학협력단 Method for reducing smart contract fee of dapp, recording medium and compute server for performing the method

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI629658B (en) * 2017-05-08 2018-07-11 富邦金融控股股份有限公司 Know your customer (kyc) data sharing system based on smart contract on blockchain and method thereof
CN108494090A (en) * 2018-04-16 2018-09-04 华东师范大学 A kind of energy net connection intelligent apparatus and system based on block chain
CN109615386A (en) * 2018-11-28 2019-04-12 优钱付(浙江)信息科技有限公司 KYC anti money washing method, apparatus, equipment and the medium of recurrent wrIting block chain
US20190228393A1 (en) * 2018-01-19 2019-07-25 Alibaba Group Holding Limited Fund flow processing method and device
US20190236598A1 (en) * 2018-01-31 2019-08-01 Salesforce.Com, Inc. Systems, methods, and apparatuses for implementing machine learning models for smart contracts using distributed ledger technologies in a cloud based computing environment
CN111147432A (en) * 2018-11-06 2020-05-12 富邦金融控股股份有限公司 KYC data sharing system with confidentiality and method thereof
CN111368340A (en) * 2020-01-04 2020-07-03 链农(深圳)信息科技有限公司 Block chain-based evidence-based security verification method and device and hardware equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160275461A1 (en) * 2015-03-20 2016-09-22 Rivetz Corp. Automated attestation of device integrity using the block chain
CN106651346A (en) 2016-11-28 2017-05-10 上海凯岸信息科技有限公司 Block chain-based credit investigation data sharing and trading system
EP3622660B1 (en) * 2017-05-12 2023-08-30 Massachusetts Institute of Technology Systems and methods for crowdsourcing, analyzing, and/or matching personal data
US20190095879A1 (en) * 2017-09-26 2019-03-28 Cornell University Blockchain payment channels with trusted execution environments
US10839107B2 (en) * 2019-05-30 2020-11-17 Advanced New Technologies Co., Ltd. Managing a smart contract on a blockchain
US10790979B1 (en) * 2019-08-29 2020-09-29 Alibaba Group Holding Limited Providing high availability computing service by issuing a certificate

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI629658B (en) * 2017-05-08 2018-07-11 富邦金融控股股份有限公司 Know your customer (kyc) data sharing system based on smart contract on blockchain and method thereof
US20190228393A1 (en) * 2018-01-19 2019-07-25 Alibaba Group Holding Limited Fund flow processing method and device
US20190236598A1 (en) * 2018-01-31 2019-08-01 Salesforce.Com, Inc. Systems, methods, and apparatuses for implementing machine learning models for smart contracts using distributed ledger technologies in a cloud based computing environment
CN108494090A (en) * 2018-04-16 2018-09-04 华东师范大学 A kind of energy net connection intelligent apparatus and system based on block chain
CN111147432A (en) * 2018-11-06 2020-05-12 富邦金融控股股份有限公司 KYC data sharing system with confidentiality and method thereof
CN109615386A (en) * 2018-11-28 2019-04-12 优钱付(浙江)信息科技有限公司 KYC anti money washing method, apparatus, equipment and the medium of recurrent wrIting block chain
CN111368340A (en) * 2020-01-04 2020-07-03 链农(深圳)信息科技有限公司 Block chain-based evidence-based security verification method and device and hardware equipment

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113765875A (en) * 2020-11-17 2021-12-07 北京京东乾石科技有限公司 Feedback method and device of data verification information
CN113765875B (en) * 2020-11-17 2023-09-26 北京京东振世信息技术有限公司 Feedback method and device for data verification information
CN112541540A (en) * 2020-12-09 2021-03-23 上海硕恩网络科技股份有限公司 Data fusion method, device, equipment and storage medium
CN112541540B (en) * 2020-12-09 2024-08-20 上海硕恩网络科技股份有限公司 Data fusion method, device, equipment and storage medium
CN113285954A (en) * 2021-06-02 2021-08-20 网易(杭州)网络有限公司 Verifiable statement verification method, system, electronic device and storage medium
CN113285954B (en) * 2021-06-02 2022-12-06 网易(杭州)网络有限公司 Verifiable statement verification method, system, electronic device and storage medium

Also Published As

Publication number Publication date
US20210329009A1 (en) 2021-10-21
CN111770112B (en) 2020-11-17
US11310244B2 (en) 2022-04-19

Similar Documents

Publication Publication Date Title
CN111770200B (en) Information sharing method and system
CN111770201B (en) Data verification method, device and equipment
CN111770112B (en) Information sharing method, device and equipment
CN111770199B (en) Information sharing method, device and equipment
CN111767578B (en) Data inspection method, device and equipment
EP3073670B1 (en) A system and a method for personal identification and verification
CN111770198B (en) Information sharing method, device and equipment
US20210314164A1 (en) Block content editing methods and apparatuses
US11954686B2 (en) Information sharing methods and systems
US11514445B2 (en) Information sharing methods, apparatuses, and devices
CN112785202A (en) Asset management method, device and system
CN111814172A (en) Method, device and equipment for acquiring data authorization information
CN113704775A (en) Service processing method based on distributed digital identity and related device
CN111818094B (en) Identity registration method, device and equipment
CN114372280A (en) Block chain service execution method and device based on multi-sign intelligent contract

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40039460

Country of ref document: HK